Web, AJAX slammed for deficiencies

Web, AJAX slammed for deficiencies

JSON founder goes through list of issues, including security holes and difficult programming models

The Web and AJAX have many deficiencies, including security holes, and much more needs to be done to iron out these problems, according to a keynote speaker at The Rich Web Experience conference in San Jose.

After taking the audience through a history of computing interfaces beginning with Hollerith cards to time-sharing and finally to the Web, Douglas Crockford, an architect at Yahoo and creator of JSON (JavaScript Object Notation), gave a mostly gloomy presentation on AJAX (Asynchronous JavaScript and XML) and the Web. His presentation was entitled, "The State of AJAX."

"The sad thing was the Web was a step backward in terms of interactivity when it debuted," Crockford said.

It looked like Java would fix the problem with applets. "Unfortunately, Java was a huge failure. It completely collapsed. It didn't meet any of its goals," he said. Java's write-once, run-everywhere promise was not kept; it had an unworkable security model and a tedious UI model, said Crockford. Java did, however, become very successful on the server, he added.

This left JavaScript and then XMLHTTP requests for communicating from the browser to the data server. "It was really Microsoft that created all the components that AJAX needed," Crockford said.

AJAX applications are highly interactive, highly social, easy to use, and offer great network efficiency, according to Crockford. "The big problem is that it is too damn hard to write these apps," he said.

"The most interesting innovation in software development in 20 years has got to be the mashup," which shows the benefits of distributed programming. "Unfortunately, mashups are insecure [in the browser]," said Crockford, with components unable to be protected from each other.

The model in the browser is fully broken and needs to be fixed, he said. "The Web is an exploit waiting to happen," Crockford said.

Crockford then went through a critique of various Web technologies.

"JavaScript is a deeply flawed language," with an unpopular programming model. "But to its credit, it's working really, really well in an environment where Java failed," said Crockford.

The planned JavaScript 2 upgrade also has problems. "It will make the language considerably more complicated," Crockford said.

HTML raises questions about whether it is a document format or an application delivery format; it has low graphical ability and is missing a compositing model. With AJAX, HTML needs to be an application delivery format, said Crockford. XHTML was supposed to replace HTML, but it died because it was too brittle, he said.

CSS (Cascading Style Sheets) presents a styling layer in the browser, but it is slow, complex, and incredibly fragile. "It surprises me that there is not a greater call for its replacement," Crockford said.

XML is complicated and inefficient, he said. "Fortunately, XML has been replaced by JSON," Crockford said. "This gives me some confidence that we can fix the standards in the Web. This is our first success at that."

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.


Show Comments